Blockchain-implemented method and system

ABSTRACT

The computer-implemented invention provides a method and corresponding system for controlling access to and/or use of an interne-enabled resource. The invention uses an electronic ledger such as, for example, the Bitcoin blockchain. The resource may be an IoT device or system. Access to the resource is permitted or enabled upon provision of a cryptographic key e.g. a private key which corresponds to a public key which has been stored in memory. In one embodiment, the public key is stored in a DHT. Access to the resource is prevented or disabled by removing the public key from memory, and using a redeem script of a second blockchain Transaction to spend a tokenised output of a first blockchain Transaction. The second transaction detokenizes the token (or ‘coloured coin’) contained within the first Transaction. In order to prevent further access to the resource, an encrypted message is sent to the internet-enabled resource, wherein the message communicates a public key and the redeem script. The resource then checks whether the public key in the message matches that stored in memory and, if it does, removes the stored version of the public key from memory. The resource then uses the redeem script to perform the detokenization.

This invention relates generally to distributed ledger technology(including blockchain related technologies), and in particular the useof a blockchain in controlling access to a resource such as, forexample, a device, system, service or electronic/digital resource. Theinvention is particularly suited for use in providing and/or prohibitingaccess to internet-enabled devices. It is also suited for use insituations where temporary access to a resource is desired e.g. inrental situations. Aspects of the invention relate also to the Internetof Things (IoT). The invention may be suited for controlling an IoTdevice.

In this document we use the term ‘blockchain’ for the sake ofconvenience and ease of reference because it is currently the mostwidely known term in this context. The term is used herein to includeall forms of electronic, computer-based distributed ledgers, includingblockchains, alt-chains, sidechains and transaction-chain technologies,permissioned and un-permissioned ledgers, shared ledgers and variationsthereof.

A blockchain is an electronic ledger which is implemented as acomputer-based decentralised, distributed system made up of blocks whichin turn are made up of transactions. Each transaction includes at leastone input and at least one output. Each block contains a hash of theprevious block to that blocks become chained together to create apermanent, unalterable record of all transactions which have beenwritten to the blockchain since its inception. Transactions containsmall programs known as scripts embedded into their inputs and outputs,which specify how and by whom the outputs of the transactions can beaccessed. On the Bitcoin platform, these scripts are written using astack-based scripting language.

In order for a transaction to be written to the blockchain, it must bei) validated by the first node that receives the transaction—if thetransaction is validated, the node relays it to the other nodes in thenetwork; and ii) added to a new block built by a miner; and iii) mined,i.e. added to the public ledger of past transactions.

The most widely known application of blockchain technology is theBitcoin ledger, although other blockchain implementations have beenproposed and developed. While Bitcoin may be referred to herein for thepurpose of convenience and illustration, it should be noted that theinvention is not limited to use with the Bitcoin blockchain andalternative blockchain implementations fall within the scope of theinvention.

Blockchain technology is most widely known for the use of cryptocurrencyimplementation. However, in more recent times, digital entrepreneurshave begun exploring both the use of the cryptographic security systemBitcoin is based on, and the data that can be stored on the Blockchain,to implement new systems.

One area of current interest and research is the use of the blockchainfor the implementation of “smart contracts”. These are computer programsdesigned to automate the execution of the terms of a contract oragreement. Unlike a traditional contract which would be written innatural language, a smart contract is a machine executable program whichcomprises rules that can process inputs in order to produce results,which can then cause actions to be performed dependent upon thoseresults.

Another area of blockchain-related interest is the use of ‘tokens’ (or‘coloured coins’) to represent and transfer real-world entities via theblockchain. A potentially sensitive or secret item can be represented bythe token, which has no discernable meaning or value. The token thusserves as an identifier that allows the real-world item to bereferenced.

The invention also relates to the use of a blockchain-implementedmechanism to control access to a resource. This resource can be an“internet of things (IoT)” device. IoT has been described by Wikipediaas “the network of physical devices, vehicles, buildings and other itemsembedded with electronics, software, sensors, and network connectivitythat enables these objects to collect and exchange data . . . The IoTallows objects to be sensed and controlled remotely across existingnetwork infrastructure”.

The present invention is defined in the appended claims.

The invention may provide a method and/or system. It may be a controlmethod/system. It may be a computer-implemented method/system. It may bea blockchain-implemented method/system. It may be arranged to utiliseblockchain transactions. It may be arranged to utilise a blockchainprotocol. The invention may be arranged to facilitate control of accessto, or use of, a resource. Thus, the invention may be arranged toprovide temporary control of a resource. It may be arranged to grantand/or deny access to/use of the resource.

The resource may be an internet-enabled resource. It may be anInternet-of-Things (IoT) resource. It may be a device or plurality ofdevices. It may be a vehicle, building or machine. The internet-enabledresource may be provided, owned, managed by a resource provider.

The invention may provide a verification or authenticationmethod/system. The invention may involve the use of at least onecryptographic key. This may be part of a public/private key pair. Thecryptographic key(s) may be generated using a shared secret.

The invention may be arranged to lock/unlock, enable or disable, operateor shut down or otherwise manipulate the state or functioning of theresource. The invention may be arranged to control temporary accessto/use of the resource by a user. The invention may be arranged toimplement a rental or hire process. The process may be implemented,defined and/or described in a contract. This may be acomputer-executable smart contract.

The invention may provide a method for controlling access to and/or useof an internet-enabled resource. The method may comprise the step ofpermitting access to and/or use of the internet-enabled resource uponprovision of a private key which corresponds to a public key which hasbeen stored in memory. The public key may be stored in memory which isin, on or connected to the resource. Additionally or alternatively, itmay be stored in a location which is remote or distinct from theinternet-enabled resource.

Additionally or alternatively, the method may comprise the step ofpreventing access to and/or use of the internet-enabled resource byremoving the public key from memory.

Additionally or alternatively, the step of preventing access and/or usemay comprise using a redeem script of a second blockchain Transaction tospend a tokenised output of a first blockchain Transaction.

The method may comprise the step of using an instruction, flag, code oropcode, or portion of computer code (which we will refer to as a ‘timelock mechanism’ for convenience) to broadcast a transaction to theblockchain network and/or specify a date and/or time when an output ofthe transaction can be spent. This may be achieved using, for example,the Bitcoin CheckLockTimeVerify (CLTV) operation or a functionallysimilar or equivalent mechanism. Additionally or alternatively, the timelock mechanism may be implemented using a suitably arranged computingagent. The transaction may be the first and/or second Transaction. Thetime lock mechanism can be used to broadcast the Transaction to theblockchain network or spend the output at a specific time, e.g. when theaccess to or control of the resource is to be granted, denied, alteredor revoked. The time-lock mechanism may be specified by a resource user,or by the resource provider or by a third party.

The public key, or a reference to its location, or a hash of the publickey may be stored in a Distributed Hash Table, or in any form ofdatabase, or any form of computer-based storage.

The public key which has been stored in memory may be accessible by theinternet-enabled resource.

The step of preventing access to the internet-enabled resource mayfurther involve sending a message to the internet-enabled resource. Themessage may communicate a public key. Additionally or alternatively, itmay communicate the redeem script. Additionally or alternatively, it maycommunicate an indicator, such as a hash, an address or a reference,which enables the public key to be located from a storage resource.

The method may further comprise the step of checking whether the publickey stored in memory is related to, or matches, the public keycommunicated by the message.

The tokenised output may comprise a locking script which includesmetadata. The metadata may comprise the public key or a hash of thepublic key or an identifier which may be used to locate the public key.

Access to the internet-enabled resource may be permitted upon provisionof the private key by an encrypted message which has been signed usingthe private key. The method may further comprise the step of enablingaccess to the internet-enabled resource if the stored public key can beused to decrypt the message. Thus, the invention may provide averification tool for verifying the identity of a user or user-relateddevice.

The encrypted message may be generated and/or encrypted by a portable orhandheld computing device. This may be a tablet computer, a smart phone,a laptop. This may be referred to as a client device. The client devicemay be arranged to generate a public and/or private cryptographic key.Alternatively, the encrypted message may be generate/encrypted by acomputing device which is not handheld or portable e.g. a PC.

The redeem script may comprise a cryptographic key associated with theinternet-enabled resource. The cryptographic key may be a public key.

The method may further comprise the step of providing the first and/orsecond blockchain transaction to a blockchain network. Thus, the firstand/or second Transaction may be validated and/or mined within ablockchain network.

The invention also provides a computer-implemented system arranged toperform any embodiment of the method described above.

A system in accordance with the invention may comprise:

-   -   an internet-enabled resource; this may be an IoT device or        apparatus; and/or    -   a blockchain; and/or    -   an internet-enabled device associated with a user and arranged        to store a cryptographic key associated with the user. The        (client) device may be a portable or handheld computing device.

The client device may be a smartphone or tablet computer or laptop. Theclient device may be arranged to generate a public and/or privatecryptographic key. It may do this using a secret value. This may be ashared secret. The client device may be arranged to execute software,such as an “app”. The app may be arranged to interact with, communicatewith the resource. It may be arranged to store a cryptographic key in asecure manner. It may be arranged to use the key to encrypt a message.It may be arranged to communicate the encrypted message to the resource.This may be achieved via a wireless communication channel and/orprotocol. The app may be arranged to communicate with another softwareresource provided on a server. The server may be operated by or for theresource provider. The server may host a web site. The web site mayenable a user to register an interest in controlling, accessing and/orusing the internet-enabled resource. The server-side software may bearranged to generate a smart contract. The smart contract may compriseterms and/or conditions relating to use of/access to theinternet-enabled resource.

The internet-enabled resource may be arranged to generate a blockchainTransaction and provide the Transaction to a blockchain network.

Any feature described in relation to one aspect or embodiment of theinvention may be equally applicable to any other aspect or embodiment ofthe invention. Any feature(s) described in relation to the method mayalso apply to the system, and vice versa.

The invention may provide a method and/or system substantially asdescribed in the following illustrative embodiment involving a carrental scenario.

These and other aspects of the present invention will be apparent fromand elucidated with reference to, the embodiment described herein. Anembodiment of the present invention will now be described, by way ofexample only, and with reference to the accompany drawings, in which:

FIG. 1a shows a system in accordance with an illustrative embodiment ofthe invention.

FIG. 1b provides a flow chart showing the steps involved in the hire ofa car using a system in accordance with the embodiment.

FIG. 2 shows a plurality of blockchain transactions and their respectiveinputs/outputs which may be used to implement an embodiment of theinvention.

FIGS. 3a and 3b illustrate a first blockchain transaction which is usedto enable access to an internet-enabled car.

FIG. 4 shows a second blockchain transaction which is used to removeaccess to the car.

FIG. 5 illustrates a third blockchain transaction which is used tocontrol access to the car.

FIG. 6 illustrates a fourth blockchain transaction which is used todetokenize an amount of cryptocurrency used in the car hire process ofthe example.

The invention provides a mechanism for providing, terminating andcontrolling temporary access to a resource. Advantageously, it uses ablockchain protocol to allow a user with access to the Internet tointeract with a resource. This could be any type of resource, but in thepresent example provided herein, the resource is an internet-enabledhire car. The method exploits the full spectrum of transactionpossibilities available in conjunction with blockchain protocols, i.e.regular (e.g. Bitcoin) transactions, smart contracts and “coloured coin”(tokenised) transactions.

Access to the resource is permitted or enabled upon provision of asignature provided by a private key which corresponds to a public keythat has been stored in memory. In one embodiment, the public key isstored in a DHT. Access to the resource is prevented or disabled byremoving the public key from memory, and using a redeem script of asecond blockchain Transaction to spend a tokenised output of a firstblockchain Transaction. The second transaction detokenizes the token (or‘coloured coin’) contained within the first Transaction. In order toprevent further access to the resource, an encrypted message is sent tothe internet-enabled resource, wherein the message communicates a publickey and the redeem script. The resource then checks whether the publickey in the message matches that stored in memory and, if it does,removes the stored version of the public key from memory. The resourcethen uses the redeem script to perform the detokenization. Thus, asimple, effective and highly secure locking/unlocking technique isprovided.

Illustrative Use Case—Vehicle Rental

For the purposes of illustration only, we provide an example in whichthe invention is used for vehicle rental services. Car rental servicesinclude wide-ranging services related to renting vehicles for specifictime periods, ranging from a few hours to a few months. These servicesare often offered via websites and through online reservations andsmartphone applications. Changes in customer preferences due to fastadoption of smartphone technology, coupled with fast Internet access,are one of the key factors responsible for industry growth. However, itshould be noted that this use case example of a car hire process is notintended to be limiting. The invention is equally of benefit in othercontexts and applications, where temporary access to some type ofresource needs to be controlled. The underlying infrastructure describedherein can be utilised for a variety of transactions where a permanentrecord is desired and where two or more parties wish to implement anytype of access-related agreement, e.g. contracts for rent of aresidential property.

The invention provides an improved access solution which is extremelyconvenient for users to interact with. It does not require the user(e.g. renter) to physically go to a pre-determined location in order toeffect or cease access. For example, in a conventional rental situation,the renter would need to go to a rental office to collect the car orproperty keys, or sign a contract etc. The invention avoids this problembecause it enables a computing device eg smartphone to function as theaccess mechanism eg car/house keys. Moreover, the invention'sincorporation of a software application provides the ability to search,and it allows users to register their details.

One important aspect of the invention is that it can exploit mechanismsfor broadcasting a blockchain transaction to a blockchain network and/orallowing an output to become spendable at a specified time. For example,the Bitcoin CheckLockTimeVerify (CLTV) mechanism can be used in aTransaction. With respect to the present invention, this can beadvantageous as it can be used to automate execution of the contract.For example, it can be used to control when access to or use of theresource can be granted, altered or denied.

It is also important to note that the resource uses Internet of Things(IoT) devices to perform a range of possible functions such asresource-related functionality. The user's cryptographic key (PubKey) iscommunicated to the resource for storage thereon or therein, in order togrant access. The key is subsequently removed from the resource's memoryin order to prohibit further access. The IoT device is a programmable“Blockchain IOT Device (BID)” i.e. it is an internet-enabled devicewhich is also able to monitor, interact with and publish to a blockchainnetwork. The invention also includes a communication protocol. In apreferred embodiment, this enables communication with the resource via asoftware application (app).

FIG. 1a illustrates system 100 used to implement a system 100 inaccordance with an illustrative embodiment of the invention. However,the skilled person will understand that variations to system 100 arepossible while still falling within the scope of the invention.

System 100 comprises:

-   -   a server 102 which hosts a website which is used by customers to        rent cars    -   a car 110 comprising an IoT device 104 which comprises a        Blockchain IoT device (BID) 106    -   a smartphone or other computing device e.g. tablet, laptop etc        108 which is configured to transmit messages to the car 110 via        the IoT device 104 using near-field communication or Bluetooth™        or any other suitable, and preferably wireless, transmission        protocol.

In this example, the “Blockchain IOT Device (BID)” is a computing Agentthat is set up to execute predetermined instructions which are storedsecurely off-BID and accessed via cryptographic keys. By ‘off-BID’ wemean that the instructions are not provided within the BID itself, butare stored elsewhere and accessed as and when required. Theseinstructions are selected and arranged to perform a chosen task orplurality of tasks. When executed, the instructions can control andinfluence the behaviour of the IOT device. The BID may reside on the IOTdevice itself, meaning that the BID is installed in memory provided inor on the IOT device. However, in other embodiments the BID may resideoff-device and have internet connectivity to the device.

The IOT device has its own cryptographic key (as well as an IP address)so it can securely communicate and interact with other devices or DHTs,etc. Its ‘operating system’ is a simple, generic system with someembedded functionality for (at least, but not limited to):

-   -   cryptographic calculations    -   retrieving instructions from an external source (such as a DHT)    -   performing simple actions such as toggling switches (i.e. as on        the physical IOT device)

Thus, neither the IOT device or its associated BID contain their ownbuilt-in instructions and neither ‘knows’ what it does or how to do it.The BID only contains a mechanism for securely retrieving instructionsfrom elsewhere. A BID can only perform a set of simple actions (thefollowing are illustrative only and not limiting):

-   -   Access to its own master private and public key pair; it also        has its own (derivable) BTC address.    -   Ability to send data to an IP address or receive data from an IP        address    -   Secret Sharing protocol calculations—in a preferred embodiment        these may be embedded in machine code    -   Look up and interpret Blockchain events    -   Operate and control the physical device it is attached to (via a        standard API that is essentially just a set of switches)

The BID's incoming and outgoing communications can be encrypted using asecurity mechanism which enables keys to be created using sharedsecrets. This allows:

-   -   (i) greater security from ‘hacking’    -   (ii) simple universal software upgrade protocols    -   (iii) device agnosticism

We now describe the various phases of the car hire process using thesystem 100 and with reference to a chain of (Bitcoin) transactions asillustrated in FIG. 2. The rental process is described using three“phases”:

-   -   1. Phase 1: the rental agreement is set up between the        participating parties    -   2. Phase 2: access to the resource is granted i.e. the customer        uses the resource    -   3. Phase 3: access to the resource is removed because the        contract has terminated from some reason e.g. it has expired at        a certain time in accordance with the terms of the contract, or        a terminating event has taken place such as the return of a        rental vehicle.

Phase 1: Contract Set-up

See FIGS. 1b and 2. In this example, the resource provider is the carrental company and the resource is the vehicle which has aninternet-enabled computer on board. A customer (who may also be referredto as a “user” or “renter” in this example) enters the details of herorder via the provider's website to indicate her desire to enter into arental agreement with the hire company. The customer provides his/herpublic key to the rental company. The public key has a correspondingprivate key, which together form a cryptographic key pair as is known inthe art. See step S100, FIG. 1 b.

In response to this, the car hire company generates a new contract. Thisis a machine-executable “smart contract” (hereinafter simply referred toas a “contract”). Smart contracts are known in the art. The car hirecompany shares the contract by publishing it in a publicly availableDistributed Hash Table (DHT) in step S102, FIG. 1 b. The contractcontains the terms of the car hire such as, for example, pick-up and thereturn times, details of the model vehicle, etc. The customer isinformed of the location of the contract (or sent a copy of it) so thatthe customer can view the terms and conditions and decide if he/shewishes to proceed. In this example, we assume that the cost of the carrental is 10 Bitcoins (BTC).

Advantageously, registration of the contract on the DHT also allows athird party to access the document and review the terms in case ofdispute. However, in some embodiments security mechanisms may be used torestrict access to the contract to authorised individuals or groups—forexample, a password or some other form of authentication may berequired.

Generation of Proposed Transaction TxB By Car Hire Company

The company also generates a blockchain transaction (TxB) which is sentto the customer (but not to the blockchain network). See proposedtransaction TxB of FIG. 3 a. In order for the rental agreement to beimplemented, the renter will need to complete Transaction TxB asprepared by the rental company. The proposed transaction includes atoken (or ‘coloured coin’). Herein, the terms ‘token’ and ‘colouredcoin’ are used interchangeably. As is known in the art, a token can beused to convey data via a ‘regular’ blockchain transaction by includingsome metadata. This is achieved by including an output which providessome intrinsic value (e.g. some Bitcoins) and includes the token withinthe metadata of the output's locking script. In the present case, thescript of Output 0 contains metadata which includes the hash of thecustomer's public key. The tokenised coin can be spent using ablockchain address that belongs to the rental car. Thus, the car will beable to access the customer's public key via the token when theagreement is implemented. This is shown in step 102 of FIG. 1 b.

Therefore, proposed transaction TxB serves as confirmation of the rentalcompany's intention to enter into the rental agreement with the renter,and also provides a way for the car to know about the renter's publickey. Proposed TxB also allows the renter to view the transaction whichcontains a hash of her public key and an output (Output 1) which isaddressed to the car.

When proposed transaction TxB is transmitted to the renter it has asingle input (I₀) and a single output (O₀). The input spends the outputof a previous transaction (as shown in dotted box in FIG. 2) and issigned with the digital signature of the car rental company.

The first input (I₀) of proposed blockchain transaction TxB comprisesthe SIGHASH flag SIGHASH_NONE|SIGHASH_ANYONECANPAY which enables inputsand outputs to be added to TxB. Use of SIGHASH_NONE protects the inputin that no one can change it. However, the renter is able to change theoutput.

The locking script for this output O₀ includes a hash of the renter'spublic key. The locking script contains the following:

OP_HASH160<hash160(redeem script)>OP_EQUAL

In order to unlock output O₀ of TxB the following redeem script isrequired:

OP_1<metadata hash (renter's public key)><car's publickey>OP_2OP_CHECKMULTISIG

This metadata in the script comprises the ‘coloured coin’ which willallow the car to access the renter's public key when the set-up processhas been completed.

Generation of Transaction TxB by Car Hire Company

When the car hire company submits the contract document to the DHT italso generates a new document which contains a hash of the renter'spublic key and shares it to the DHT. TxB′ is a blockchain transactionwhich includes an output having a coloured coin attached to it. See FIG.5. The coloured coin is used to inform the escrow agent of the locationof the renter's public key. This is needed for the termination phase ofthe rental process, as discussed below. The redeem script for TxB′ isgiven as:

OP_1<metadata of hash (renter's public key)><escrow's publickey>OP_2OP_CHECKMULTISIG.

Therefore, the escrow's public key is required to unlock TxB′ and gainaccess to the renter's public key.

Completion of TxB by Customer

If the customer wishes to proceed with the car hire, (s)he spends aBitcoin (or other digital currency) that she owns from a previoustransaction (TxA). See step 104, FIG. 1b and FIG. 2. We assume that thecoin value of the previous output is 15 BTC and the cost of the vehiclerental is 10 BTC.

The renter then completes proposed TxB by adding an input (I₁) which issigned by the renter. Input 1 spends the 15 BTC from TxA (see step 104,FIG. 1b ). The renter also adds three outputs to transaction TxB whichpay:

-   -   (i) one tokenised coin with an intrinsic value of 9 BTC to a        multi-signature address—output 1;    -   (ii) 1 BTC as a deposit to the company—Output 2; and    -   (iii) 5 BTC back to herself—Output 3.

The completed version of TxB is shown in FIG. 3 b. Note that if TxA hadan output of the same value as the cost of the car hire, no change wouldneed to be returned to the customer.

As the contract has been registered in the DHT, the associated URI andhash number can be represented using a coloured coin within metadata ina script. This allows the transaction to be associated with thecontract, and allows the contract to be referenced and accessed ifsecurity permissions permit it.

The redeem script for Output 1 of TxB is:

OP_2<metadata contract><renter's public key><company's publickey><escrow's public key>OP_4OP_CHECKMULTISIG

The two different redeem scripts for TxB's output O₀ and output O₁ areshown in FIG. 3b which provides an annotated example of Transaction TxB.

“Renter's public key” is the public key of the customer who is borrowingthe car. “Car's public key” is the public key of the car which is beingborrowed. “Company's public key” is the public key of the company thatis facilitating the car rental. “Escrow's public key” is the public keyof the escrow agent”.

The token representing the contract is a 2-of-3 multisig address thatincludes the renter's signature, the company's signature and the escrowagent's signature. A multi-signature transaction requires more than onesignature in order for the funds to be transferred. In the presentscenario, the 2-of-3 multisig mechanism is useful because it enables therenter to provide funds into the transaction with the rental company andthird-party arbitrator (escrow agent) named as potential signatories. Ifthe transaction goes smoothly, then both customer and the rental companysign the transaction, and the funds are forwarded to the rental company.If something goes wrong, they can sign a transaction to refund thecustomer. If they cannot agree, the escrow agent will arbitrate andprovide a second signature to the party that it deems deserves it.

When TxB has been completed by the customer, it is submitted to theblockchain network. This indicates that the customer has agreed to theterms in the contract, and wishes to proceed with the care hire. TheCLTV mechanism can be used to specify a time for Transaction broadcastand/or when the output can be spent.

Phase 2: Access is Enabled

In Step 106 of FIG. 1 b, the IoT device 104 uses the coloured coin fromTxB's output 0 to access the renter's public key from the DHT. Thelocation of the public key may be made available to the car via amessage. The message may contain a hash indicating where the public keyis located in the DHT. The IoT device 104 can then add the public key toits database of public keys corresponding to individuals who areauthorised to access the car. So now the car “knows” the customer'spublic key. Depending upon the implementation concerned, the key may bestored in memory provided in or on the IoT device, or stored off-devicein a separate location and then accessed by the device as and whenrequired. See step 106 of FIG. 1 b.

It should be noted, however, that in other embodiments of the inventionthe renter's public key could be communicated to the IoT device in anyother suitable manner and not necessarily via the manner described inthis example.

The customer has a smartphone 108 which contains the private key whichcorresponds to the public key provided previously to the car rentalcompany. The smartphone may be configured to execute an application(app) which has been downloaded and installed from the car rentalcompany's server. The app may provide functionality which enables thecustomer to interact with the car rental company and/or the car. Thesmartphone 108 communicates a message (“unlock doors”) to the IoT device104. The message is encrypted using the private key and can only bedecrypted with the corresponding public key. See step S108 of FIG. 1 b.

The car 104 receives the encrypted message from the smartphone, andattempts to decrypt it using the public key which was stored in step106. If the message cannot be decrypted to provide a predetermined valueor code, then verification has failed and the car remains locked.Alternatively, if the message can be successfully decrypted using thepreviously stored public key, then verification is deemed to havesucceeded and vehicle is unlocked. In this way, access to the resourceis either granted or denied based on the use of cryptographic keys.

During use, the smartphone app may be used to send various types ofmessage to the car, such as “lock”, “unlock”, “turn on lights” etc. Eachof these messages are encrypted using the customer's private key and thespecified task is carried out following successful decryption with thestored public key.

Phase 3: Access is Disabled

In the final phase, the period of hire comes to an end. This may bebecause the time period specified in the contract has run out, orbecause the customer no longer needs the vehicle, or some other reason.Therefore, the renter's temporary access to the car should now berevoked. When the vehicle has been returned (or termination of therental period is somehow recognised by the company), the escrow agentgenerates a new blockchain transaction (TxC) which includes using thecompany's signature and the renter's signature. See step S112 of FIG. 1b. The purpose of TxC is to ‘release’ the coloured coin so that the 9BTC funds can be paid to the car hire company. Transaction (TxC) isillustrated in FIG. 4.

TxC comprises two inputs as illustrated in FIG. 2. The first input (I₀)spends output O₁ from TxB. The second input (I₁) is an output from TxB′which is illustrated in FIG. 5. TxB′ was generated, as discussed above,by the car hire company.

Upon broadcast of TxC to the blockchain network, the car hire companysends a message to the IoT device 104 in step S114. The messageindicates that the hire process is completed. The message contains ahash of the renter's public key and the redeem script.

The IoT device 104 then removes, in a step S116, the renter's public keyfrom the car's memory (or wherever else it was stored) which means thatthe car can no longer decrypt messages from the smartphone 108.

The BID 106 then generates a new blockchain transaction TxD in a stepS118, to detokenise or convert the coloured coin generated by TxC into a“regular” Bitcoin value.

The detokenisation is performed by creating the new transaction, TxD,which has an input containing the token, and an output that does notcontain the token. In order to perform the detokenization the requiredsignature is presented to the locking script, plus a redeem script whichcontains the token. This can be expressed as:

HASH160 <hash of redeem script containing token>EQUAL (locking scriptfor output of TxC)<signature><redeem script containing token>(presented to locking scriptof TxC by TxD)HASH160 <hash of signature>CHECKSIG (Output of TxD: note, this does notcontain the token)

Therefore, the token has been removed by TxD.

Benefits of the present invention include (but are not limited to):

-   -   it is inherently secure by design—the blockchain (e.g. Bitcoin)        protocol requires no trusted parties;    -   as an embodiment is based on a blockchain protocol it utilises        ECDSA to prove ownership, which plays a pivotal role in        blockchain transactions; the invention provides strong security        through the use of cryptographic techniques    -   the invention can exploit the CheckLockTimeVerify (CLTV)        option/setting to broadcast the transaction at a time when        access to the resource is to be granted.    -   Distributed and decentralised, so avoids a large single point of        failure and is not vulnerable to attack;    -   easy to manage and maintain, the Bitcoin network is        straightforward to use;    -   inexpensive; just a small transaction fee is usually expected        under the Bitcoin protocol;    -   the blockchain is global and public, and can be used at any time        by anyone with access to the Internet;    -   transparent, once data has been written to the blockchain,        anyone can see it;    -   the record is immutable; once data has been written to the        blockchain, no one can change it; and    -   privacy and anonymity is maintained, no information is available        for identification of individuals or parties.

It should be noted that the above-mentioned embodiments illustraterather than limit the invention, and that those skilled in the art willbe capable of designing many alternative embodiments without departingfrom the scope of the invention as defined by the appended claims. Inthe claims, any reference signs placed in parentheses shall not beconstrued as limiting the claims. The word “comprising” and “comprises”,and the like, does not exclude the presence of elements or steps otherthan those listed in any claim or the specification as a whole. In thepresent specification, “comprises” means “includes or consists of” and“comprising” means “including or consisting of”. The singular referenceof an element does not exclude the plural reference of such elements andvice-versa. The invention may be implemented by means of hardwarecomprising several distinct elements, and by means of a suitablyprogrammed computer. In a device claim enumerating several means,several of these means may be embodied by one and the same item ofhardware.

The mere fact that certain measures are recited in mutually differentdependent claims does not indicate that a combination of these measurescannot be used to advantage.

1. A method of controlling access to and/or use of an internet-enabledresource, comprising the steps: permitting access to and/or use of theinternet-enabled resource upon provision of a private key whichcorresponds to a public key which has been stored in memory; andpreventing access to and/or use of the internet-enabled resource by:removing the public key from memory; and using a redeem script of asecond blockchain Transaction to spend a tokenised output of a firstblockchain Transaction.
 2. A method according to claim 1 wherein thepublic key, or a reference to its location, is stored in a DistributedHash Table.
 3. A method according to claim 1 wherein the public keywhich is stored in memory is stored in memory that is: i) accessible bythe internet-enabled resource; and/or ii) in, on or connected to theresource.
 4. A method according to claim 1 and wherein preventing accessto the internet-enabled resource further comprises: sending a message tothe internet-enabled resource, wherein the message communicates a publickey and the redeem script.
 5. A method according to claim 4 and furthercomprising the step of: checking whether the public key stored in memoryis related to, or matches, the public key communicated by the message.6. A method according to claim 1 wherein the tokenised output comprisesa locking script which includes metadata, and wherein the metadatacomprises the public key or a hash of the public key.
 7. A methodaccording to claim 1 wherein access to internet-enabled resource ispermitted upon provision of the private key by an encrypted messagewhich has been signed using the private key.
 8. A method according toclaim 7 and further comprising the step of: enabling access to theinternet-enabled resource if the stored public key can be used todecrypt the message.
 9. A method according to claim 7 wherein theencrypted message is generated and/or encrypted by a portable orhandheld computing device.
 10. A method according to claim 1 wherein theinternet-enabled resource is an IoT device.
 11. A method according toclaim 1 wherein the redeem script comprises a cryptographic keyassociated with the internet-enabled resource, optionally wherein thecryptographic key is a public key.
 12. A method according to claim 1 andfurther comprising the step of providing the first and/or secondblockchain transaction to a blockchain network.
 13. Acomputer-implemented system arranged to perform the method of claim 1.14. A system according to claim 13 wherein the system comprises: aninternet-enabled resource, wherein the resource is an IoT device orapparatus; a blockchain; and an internet-enabled client deviceassociated with a user and arranged to store a cryptographic keyassociated with the user, wherein the client device is a portable orhandheld computing device.
 15. A system according to claim 13 whereinthe internet-enabled resource is arranged to generate a blockchainTransaction and provide the Transaction to a blockchain network.